SecurityManager (JCAT 0.20)

Overview

Package

Class

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

edu.cuny.cat.server
Class SecurityManager

java.lang.Object
  edu.cuny.cat.server.SecurityManager

All Implemented Interfaces:: edu.cuny.config.param.Parameterizable

public class SecurityManager
extends java.lang.Object
implements edu.cuny.config.param.Parameterizable
extends java.lang.Object
implements edu.cuny.config.param.Parameterizable

manages security issues in game server.

It detects malicious clients by examining the value of the Type header in the CHECKIN request from a client. If it contains a specified security token, the client is considered valid, otherwise invalid. Traders and specialists have different tokens.

Parameters

base`.tradertoken` String (`null` by default)	(token for traders)
base`.specialisttoken` String (`null` by default)	(token for specialists)

Default Base

security

Version:: $Revision: 1.8 $
Author:: Jinzhong Niu

Field Summary
`static java.lang.String`	`P_DEF_BASE`
`static java.lang.String`	`P_SPECIALISTTOKEN`
`static java.lang.String`	`P_TRADERTOKEN`
`protected java.lang.String`	`specialistToken`
`protected java.lang.String`	`traderToken`

Constructor Summary
`SecurityManager()`

Method Summary
`java.lang.String`	`getToken(boolean isTrader)`
`boolean`	`isAuthorizedClient(boolean isTrader, java.lang.String type)` checks if the given type string contains the valid security token.
`java.lang.String`	`removeToken(boolean isTrader, java.lang.String text)` removes the security token in a string, which otherwise may be exposed to outsiders.
`void`	`setup(edu.cuny.config.param.ParameterDatabase parameters, edu.cuny.config.param.Parameter base)`
`java.lang.String`	`toString()`

Methods inherited from class java.lang.Object
`clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait`

Field Detail

P_TRADERTOKEN

public static final java.lang.String P_TRADERTOKEN

See Also:: Constant Field Values

P_SPECIALISTTOKEN

public static final java.lang.String P_SPECIALISTTOKEN

See Also:: Constant Field Values

P_DEF_BASE

public static final java.lang.String P_DEF_BASE

See Also:: Constant Field Values

traderToken

protected java.lang.String traderToken

specialistToken

protected java.lang.String specialistToken

Constructor Detail

SecurityManager

public SecurityManager()

Method Detail

setup

public void setup(edu.cuny.config.param.ParameterDatabase parameters,
                  edu.cuny.config.param.Parameter base)

Specified by:: setup in interface edu.cuny.config.param.Parameterizable

isAuthorizedClient

public boolean isAuthorizedClient(boolean isTrader,
                                  java.lang.String type)

checks if the given type string contains the valid security token.

Parameters:: isTrader - whether the client to be checked up is a trader or not; type - the type string of the client
Returns:: true if the desired security token is found; false otherwise

getToken

public java.lang.String getToken(boolean isTrader)

removeToken

public java.lang.String removeToken(boolean isTrader,
                                    java.lang.String text)

removes the security token in a string, which otherwise may be exposed to outsiders.

Parameters:: isTrader -; text -
Returns:: a string from which security token is removed.

toString

public java.lang.String toString()

Overrides:: toString in class java.lang.Object